6 matches found
CVE-2023-28630
GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may be unintentionally...
CVE-2023-28630
creationtimestamp| type| source ---|---|--- 2023-03-28 00:38:16+00:00| seen| https://t.me/cibsecurity/60838...
CVE-2023-28630 Sensitive information disclosure possible on misconfigured failed backups of non-H2 databases in gocd
GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may be unintentionally...
CVE-2023-28630 Sensitive information disclosure possible on misconfigured failed backups of non-H2 databases in gocd
GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may be unintentionally...
CVE-2023-28630
CVE-2023-28630 affects GoCD versions 20.5.0 through 23.1.0. When backups are enabled but the server cannot access the required backup binaries (pg_dump for PostgreSQL or mysqldump for MySQL), a failure to launch the backup utility can leak the plaintext database password in admin alerts. The flaw...
CVE-2023-28630 Sensitive information disclosure possible on misconfigured failed backups of non-H2 databases in gocd
GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may be unintentionally...